To better protect the interest of users of certification services and enhance their confidence in electronic transactions, a Voluntary Certification Authority Recognition Scheme was established pursuant to the Electronic Transactions Ordinance ("ETO"). Under this scheme, a certification authority ("CA") may voluntarily apply to the Commissioner for Digital Policy ("CDP") for recognition and once recognized the CA shall comply with the requirements of the ETO and the Code of Practice for Recognized Certification Authorities ("Code of Practice") with a view to enhancing public confidence in electronic transaction with the use of recognized digital certificates issued by recognized CAs. Recognition will only be granted to those CAs that have reached a standard acceptable to the CDP and hence the trustworthiness of their systems and services are better ensured. The CDP may revoke a CA’s recognition status if the CA fails to comply with the ETO and the Code of Practice.
The list of CAs recognized under the ETO is available at the disclosure record that the CDP maintains for the recognized CAs.